Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload

Elcom CMS 7.4.10 - Community Manager Insecure Arbitrary File Upload Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Release Date. 24-Aug-2012 Last Update. - Vendor Notification Date. 28-Oct-2011 Product. Elcom CMS - Community Manager Platform...

Elcom Community Manager 7.4.10 Shell Upload

Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 Release Date. 24-Aug-2012 Last Update. - Vendor Notification Date. 28-Oct-2011 Product. Elcom CMS - Community Manager Platform. ASP.NET Affected versions. Elcom Community Manager version 7.4.10 and...

XODA Document Management System 0.4.5 XSS / Shell Upload

Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/ Version: 0.4.5 Gr33Tz: @aviadgolan ,...

XODA Document Management System 0.4.5 - Cross-Site Scripting / Arbitrary File Upload

Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/ Version: 0.4.5 Gr33Tz: @aviadgolan ,...

Joomla! Component com_osproperty 2.0.2 - Unrestricted Arbitrary File Upload

Joomla! Component comosproperty 2.0.2 - Unrestricted Arbitrary File Upload Exploit Title: Joomla comosproperty Unrestricted File Upload Google Dork: comosproperty Date: 13-07-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R site: http://www.insecurityperu.org/ &...

Joomla OS Property Shell Upload

Exploit Title: Joomla comosproperty Unrestricted File Upload Google Dork: comosproperty Date: 13-07-2012 Author: Daniel Barragan "D4NB4R" Twitter: @D4NB4R site: http://www.insecurityperu.org/ & http://poisonsecurity.wordpress.com/ Vendor: Ossolution Team http://extensions.joomla.org/ Version: 2.0...

Travelon Express CMS 6.2.2 - Multiple Vulnerabilities

Travelon Express CMS 6.2.2 - Multiple Vulnerabilities Title: ====== Travelon Express CMS v6.2.2 - Multiple Web Vulnerabilities Date: ===== 2012-05-10 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=530 VL-ID: ===== 530 Common Vulnerability Scoring System:...

WHMCS Simple Scanner (submitticket.php) Based [CVE-2012-0693]

Exploit for php platform in category web applications !/bin/bash BETA 0.01 clear cont=0 total=$1 total2=expr $total \ 10 PAGES=echo $total2| sed 's/.$//' dork=$2 seconds=$3 $ -eq 0 && echo "Usage: $0 $1 example: 10 submitticket.php 0 "; exit 1; function scan echo "" grep -o 'http://^".php'...

Car Portal CMS v3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provides functionality for the private sellers to sign up, list their c...

Car Portal CMS 3.0 - Multiple Vulnerabilities

Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product for running auto classifieds websites. It provid...

Car Portal CMS 3.0 - Multiple Vulnerabilities

Car Portal CMS 3.0 - Multiple Vulnerabilities Title: ====== Car Portal CMS v3.0 - Multiple Web Vulnerabilities Date: ===== 2012-04-24 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=502 VL-ID: ===== 502 Introduction: ============= Car Portal is a php software product fo...

Car Portal CMS v3.0 - Multiple Web Vulnerabilities

Document Title: =============== Car Portal CMS v3.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=502 Release Date: ============= 2012-04-23 Vulnerability Laboratory ID VL-ID: ==================================== 502...

tty from web shell

эмулятор nc -l -s ADDR -p PORT ввод/вывод которого управляется через файлы in/out написан для получения tty из под веб-шелла tty from web shell с ним из веб шела можно юзать su, запускать эксплоиты и получать рута пример работы: Код: ./ttyServer.pl Server is ready at 127.0.0.1:43157 ./ttyClient.p...

Docebo LMS 4.0.4 SQL Injection / Code Execution

if$GLOBALS'modname' != '' $modulecfg =& createModu...

P.A.S. (php web-shell)

P.A.S. v.3.0.x Возможности : - Авторизация по кукам. - Шифрование шелла по вашему паролю сразу при скачивании. - Файловый менеджер : групповое удаление, перемещение, копирование, скачка и загрузка файлов и директорий. переименование и создание файлов и директорий. правка, просмотр, изменении...

WSO Web Shell 2.5.1 Download

This utility provides a Web interface for remote operation c operating system and its service / daemon. Opportunity Description / features: Authorization for cookies Server Information File manager copy, rename, move, delete, chmod, touch, creating files and folders View, hexview, editing,...

WSO Web Shell 2.5.1 Download

This utility provides a Web interface for remote operation c operating system and its service / daemon. Opportunity Description / features: Authorization for cookies Server Information File manager copy, rename, move, delete, chmod, touch, creating files and folders View, hexview, editing,...

CMS Lokomedia 1.5 arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

CMS Lokomedia is a php-based content management system. CMS Lokomedia 1.5 arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: CMS Lokomedia 1.5 Arbitary file upload vulnerability Software: CMS Lokomedia Vendor: http://bukulokomedia.com/home Vuln...

Phpbuddies arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Phpbuddies is an open-source article Directory System, Phpbuddies in the presence of arbitrary file upload vulnerability that could result in an attacker access to the web shell. +info: Phpbuddies 0day Arbitrary Upload File Vulnerability Author : Xr0b0t [email protected] Homepage :...

IF-CMS 2.07 - Local File Inclusion (1)

IF-CMS 2.07 - Local File Inclusion 1 !/usr/bin/python INFORMATION Exploit Title: If-CMS 2.07 Pre-Auth Local File Inclusion 0day Exploit Author: TecR0c Date: 13/3/2011 Software link: http://bit.ly/hh9ZB4 Tested on: Linux bt Version: 2.07 PHP.ini Settings: gpcmagicquotes = Off import...